Unix and Overlooked Pop Culture

Episode 66: Black Energy

18-11-2014

What Is BlackEnergy?

It is malware that has been used to attack many countries. Though the U.S. believes that the Russian government sponsored it, it has been used to attack Russia. Kaspersky has been trying to dissect the malware in its entirety, and has been the recipient of a nasty message left in the source code (i.e. “Fuck U, kaspeRsky!!!”).

It has since been updated to include the ability to read device IDs from USB devices as well. Cisco routers and Windows systems are especially vulnerable, but Linux-based systems aren’t entirely immune.

“BlackEnergy, a popular DDoS Trojan, gained notoriety in 2008 when it was reported to have been used in the cyber attacks launched against the country of Georgia in the Russia/Georgia conflict. BlackEnergy was authored by a Russian hacker. A comprehensive analysis of the version of BlackEnergy circulating at the time was done in 2007 by Arbor Networks. Although many versions of the trojan builder kit are in circulation on underground forums, the last release of the original BlackEnergy trojan available at the time of this writing seems to be version 1.9.2.”

“Malware has never been as much of a problem for Linux as it is for Windows. But BlackEnergy is a potent malware threat that has compromised Linux systems as well as Windows computers. Recently the threat posed by BlackEnergy has grown as more information has been gathered about this insidious malware.”

“A destructive ‘Trojan Horse’ malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.”

“National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat.”